In the event that an account is compromised (password sniffed, etc.), it would be relatively trivial for the interloper to click on 'Edit your user settings' (home node) and modify the email address the monastery uses to send a reminder. This would, in effect, lock you out of your own account. How could you prove you were <insert monk name here>? I propose the email address not be visible by default. Yahoo mail stores bithdays in a DB and simply states 'Info on file'. Perhaps a small text box could be provided that allowed each monk to verify his/her current address by entering the value currently stored in a table?